crypto.9 (158850) | crypto.9 (159214) |
---|---|
1.\" $OpenBSD: crypto.9,v 1.19 2002/07/16 06:31:57 angelos Exp $ 2.\" 3.\" The author of this manual page is Angelos D. Keromytis (angelos@cis.upenn.edu) 4.\" 5.\" Copyright (c) 2000, 2001 Angelos D. Keromytis 6.\" 7.\" Permission to use, copy, and modify this software with or without fee 8.\" is hereby granted, provided that this entire notice is included in 9.\" all source code copies of any software which is or includes a copy or 10.\" modification of this software. 11.\" 12.\" THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 13.\" IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 14.\" REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 15.\" MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 16.\" PURPOSE. 17.\" | 1.\" $OpenBSD: crypto.9,v 1.19 2002/07/16 06:31:57 angelos Exp $ 2.\" 3.\" The author of this manual page is Angelos D. Keromytis (angelos@cis.upenn.edu) 4.\" 5.\" Copyright (c) 2000, 2001 Angelos D. Keromytis 6.\" 7.\" Permission to use, copy, and modify this software with or without fee 8.\" is hereby granted, provided that this entire notice is included in 9.\" all source code copies of any software which is or includes a copy or 10.\" modification of this software. 11.\" 12.\" THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR 13.\" IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY 14.\" REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE 15.\" MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR 16.\" PURPOSE. 17.\" |
18.\" $FreeBSD: head/share/man/man9/crypto.9 158850 2006-05-23 08:43:28Z pjd $ | 18.\" $FreeBSD: head/share/man/man9/crypto.9 159214 2006-06-03 23:39:13Z pjd $ |
19.\" | 19.\" |
20.Dd May 17, 2006 | 20.Dd June 4, 2006 |
21.Dt CRYPTO 9 22.Os 23.Sh NAME 24.Nm crypto 25.Nd API for cryptographic services in the kernel 26.Sh SYNOPSIS 27.In opencrypto/cryptodev.h 28.Ft int32_t --- 40 unchanged lines hidden (view full) --- 69}; 70 71struct cryptodesc { 72 int crd_skip; 73 int crd_len; 74 int crd_inject; 75 int crd_flags; 76 struct cryptoini CRD_INI; | 21.Dt CRYPTO 9 22.Os 23.Sh NAME 24.Nm crypto 25.Nd API for cryptographic services in the kernel 26.Sh SYNOPSIS 27.In opencrypto/cryptodev.h 28.Ft int32_t --- 40 unchanged lines hidden (view full) --- 69}; 70 71struct cryptodesc { 72 int crd_skip; 73 int crd_len; 74 int crd_inject; 75 int crd_flags; 76 struct cryptoini CRD_INI; |
77#define crd_iv CRD_INI.cri_iv 78#define crd_key CRD_INI.cri_key 79#define crd_alg CRD_INI.cri_alg 80#define crd_klen CRD_INI.cri_klen |
|
77 struct cryptodesc *crd_next; 78}; 79 80struct cryptop { 81 TAILQ_ENTRY(cryptop) crp_next; 82 u_int64_t crp_sid; 83 int crp_ilen; 84 int crp_olen; --- 228 unchanged lines hidden (view full) --- 313intended for the invoking application's use. 314.It Va crp_desc 315This is a linked list of descriptors. 316Each descriptor provides 317information about what type of cryptographic operation should be done 318on the input buffer. 319The various fields are: 320.Bl -tag -width ".Va crd_inject" | 81 struct cryptodesc *crd_next; 82}; 83 84struct cryptop { 85 TAILQ_ENTRY(cryptop) crp_next; 86 u_int64_t crp_sid; 87 int crp_ilen; 88 int crp_olen; --- 228 unchanged lines hidden (view full) --- 317intended for the invoking application's use. 318.It Va crp_desc 319This is a linked list of descriptors. 320Each descriptor provides 321information about what type of cryptographic operation should be done 322on the input buffer. 323The various fields are: 324.Bl -tag -width ".Va crd_inject" |
325.It Va crd_iv 326The field where IV should be provided when the 327.Dv CRD_F_IV_EXPLICIT 328flag is given. 329.It Va crd_key 330When the 331.Dv CRD_F_KEY_EXPLICIT 332flag is given, the 333.Va crd_key 334points to a buffer with encryption or authentication key. 335.It Va crd_alg 336An algorithm to use. 337Must be the same as the one given at newsession time. 338.It Va crd_klen 339The 340.Va crd_key 341key length. |
|
321.It Va crd_skip 322The offset in the input buffer where processing should start. 323.It Va crd_len 324How many bytes, after 325.Va crd_skip , 326should be processed. 327.It Va crd_inject 328Offset from the beginning of the buffer to insert any results. --- 25 unchanged lines hidden (view full) --- 354.Xr ipsec 4 , 355can use this flag to indicate that the IV should not be written on the packet. 356This flag is typically used in conjunction with the 357.Dv CRD_F_IV_EXPLICIT 358flag. 359.It Dv CRD_F_IV_EXPLICIT 360For encryption algorithms, this bit is set when the IV is explicitly 361provided by the consumer in the | 342.It Va crd_skip 343The offset in the input buffer where processing should start. 344.It Va crd_len 345How many bytes, after 346.Va crd_skip , 347should be processed. 348.It Va crd_inject 349Offset from the beginning of the buffer to insert any results. --- 25 unchanged lines hidden (view full) --- 375.Xr ipsec 4 , 376can use this flag to indicate that the IV should not be written on the packet. 377This flag is typically used in conjunction with the 378.Dv CRD_F_IV_EXPLICIT 379flag. 380.It Dv CRD_F_IV_EXPLICIT 381For encryption algorithms, this bit is set when the IV is explicitly 382provided by the consumer in the |
362.Va cri_iv | 383.Va crd_iv |
363field. 364Otherwise, for encryption operations the IV is provided for by 365the driver used to perform the operation, whereas for decryption 366operations it is pointed to by the 367.Va crd_inject 368field. 369This flag is typically used when the IV is calculated 370.Dq "on the fly" 371by the consumer, and does not precede the data (some 372.Xr ipsec 4 373configurations, and the encrypted swap are two such examples). 374.It Dv CRD_F_KEY_EXPLICIT | 384field. 385Otherwise, for encryption operations the IV is provided for by 386the driver used to perform the operation, whereas for decryption 387operations it is pointed to by the 388.Va crd_inject 389field. 390This flag is typically used when the IV is calculated 391.Dq "on the fly" 392by the consumer, and does not precede the data (some 393.Xr ipsec 4 394configurations, and the encrypted swap are two such examples). 395.It Dv CRD_F_KEY_EXPLICIT |
375For encryption algorithms, this bit is set when the key is explicitly 376provided by the consumer in the 377.Va cri_key | 396For encryption and authentication (MAC) algorithms, this bit is set when the key 397is explicitly provided by the consumer in the 398.Va crd_key |
378field for the given operation. | 399field for the given operation. |
379Otherwise, the key is taken at newsession time from the same field. | 400Otherwise, the key is taken at newsession time from the 401.Va cri_key 402field. |
380.It Dv CRD_F_COMP 381For compression algorithms, this bit is set when compression is required (when 382not set, decompression is performed). 383.El 384.It Va CRD_INI 385This 386.Vt cryptoini 387structure will not be modified by the framework or the device drivers. --- 252 unchanged lines hidden --- | 403.It Dv CRD_F_COMP 404For compression algorithms, this bit is set when compression is required (when 405not set, decompression is performed). 406.El 407.It Va CRD_INI 408This 409.Vt cryptoini 410structure will not be modified by the framework or the device drivers. --- 252 unchanged lines hidden --- |